On Zesty, I tried to reproduce the CVE before the patch and was able to,
after patching the package, rebuilding, and restarting the thumbnailer
service I no longer could reproduce the issue.
** Changed in: gnome-exe-thumbnailer (Ubuntu Zesty)
Assignee: James Lu (tacocat) => (unassigned)
** Changed in: gnome-exe-thumbnailer (Ubuntu Xenial)
Assignee: James Lu (tacocat) => (unassigned)
** Changed in: gnome-exe-thumbnailer (Ubuntu Xenial)
Status: In Progress => Confirmed
** Changed in: gnome-exe-thumbnailer (Ubuntu Zesty)
Status: In Progress => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/651610
Title:
[CVE-2017-11421] Version number for .msi thumbnail is obtained from
unreliable source
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-exe-thumbnailer/+bug/651610/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
